The Use of Technology to Support Nuclear Security
Written by Security Specialist, Paul Tonks.
Technology moves at a swift pace. Innovations emerge, often creating markets we never realised existed. The reduction of production costs also opens the market to a much wider segment of the community; for instance, small discrete camera systems, previously the remit of ‘James Bond types’, with superb playback quality, are now readily available at pocket-money prices.
In the Security World, and particularly in the Nuclear industry such innovations and availability raise concerns for those seeking to protect our assets. Security, contrary to popular conception, is actually very difficult to achieve. A Security plan needs to consider each possible vulnerability and balance the risk against the cost benefit before determining a case for agreed appropriate and proportionate mitigations to counter each threat. Sadly, adversaries have the advantage of only having to exploit a single weakness and the time of their choosing.
With the tempo of change it can be difficult to keep pace with emerging threats. In some cases, the counter-threat solutions are also impeded by a slow approval process; which in reality sees the delivery of the solution either too late (post incident) or too late (because it is already outdated upon arrival).
So what kind of threats are there? Though perhaps more importantly how can we capitalise upon technology to support our Industries Security requirements; whilst keeping one step ahead of potential adversaries?
Unmanned Aerial Systems/Vehicles (UAS/UAV)
Technology creates new threats such as concerns over the now ubiquitous nature of Unmanned Ariel Systems (UAS). Oddly, model aircraft have been around for years, yet it is the ‘out-of-the-box’ nature of UAS that raises concerns; this makes them far more widespread and a common sight in our skies. This adds two elements to the equation, complacency, as we become familiar with their presence; and ease of accessibility and deployment.
Payload capabilities are an increasing concern as is the future development of ‘swarm’ technology, whereby a number of UAVs in one UAS can be controlled by a single operator. The fairly unregulated nature of UAS is also a concern in some countries; yet there are two sides to the effectiveness of regulation; as with most regulations those with malicious intent will still act without consent; however, regulation may reduce flights in no-fly zones and therefore remove the compliancy issue around such areas.
Counter UAS Solutions
Akin to the search for Shangri-La, governments are keen to find a viable counter UAS system. There are all kinds of solutions currently fielded such as:
Friendly operated UAS with underslung nets: designed for some kind of Ariel combat where adversary and defender seek to net or avoid being netted.
Rocket launcher type systems: developed as shoulder launched anti-UAV rockets that net the UAV and bring it to the ground under the canopy of a small parachute.
Jamming Systems: that create an electro-magnetic umbrella to disrupt the signal to the UAV.
However, when we begin to consider Industrial sites, let alone nuclear, one has to consider what happens when a UAV is actually brought down? Where will it land? What damage could it do upon landing? Let alone considering what, if it is malicious, it is carrying. Hence the issue of ‘shooting down’ an unknown UAV becomes slightly complex.
What do UAS offer Nuclear?
Operating Site based UAS offer alternatives for a number of non-security related issues. For instance, viewing structures at height without needing to construct scaffold provides a time and cost saving benefit during exploratory stages of routine or planned work.
Yet UAS also offer alternative support and functionality for Security related roles; these include:
Providing situational awareness: during a potential or real threat investigation as UAV can provide an over watch to assess the situation keeping personnel away from the potential risk.
Routine patrols: an operator can deploy a UAV on pre-determined routes using waypoints and view a large area quickly, with clear resolution images (dependent upon the camera systems mounted) and probably obtain greater awareness of the overall area than had the ground been walked.
Automatic response and deployment: integrated with other detection systems a UAS could potentially auto-deploy to the coordinates of the alarm to provide immediate over watch. Thus reducing the need for expensive perimeter security systems on low-threat locations.
Even though it is often a business enabler the human cost of security is still seen as a proportionately high sunk-cost. Many installations have a mix of armed and unarmed Security personnel both providing different roles and capabilities. It can be difficult to gauge the correct contingent required to protect an asset so in some cases a generic, one size fits all, approach is used.
It is perhaps more fitting to consider the assets being guarded; and develop the Security requirements based on the elements of threat, risk and probability. Here it is worth considering how technology can be used to support Security effectiveness; in low consequence and low risk locations this may allow a reduction in Security personnel; and offer cost savings during processes such as decommissioning or construction?
Technology considerations are endless but some examples include:
- Video analytics that remove subjectivity and human error. Analytical software that can be added to existing camera systems. This detects anomalies automatically, highlighting the issue to an operator who may be trying to monitor a myriad of camera views.
- Under vehicle inspection systems and other detectors. Radiological monitoring systems and under and over vehicle camera systems increase the likelihood of detecting materials entering and exiting a facility. Auto-detect functions alerting guards that there is an issue.
- Facial recognition systems remove the need for passes Available technology reacts instantly, providing an automatic display at the access control station of each individual detected; in essence an individual’s facial features are linked to their access rights. More importantly anyone who should not be there is also automatically identified access is blocked and allowing immediate interdiction by Security personnel. This technology also works when individuals wear hats and sunglasses or only have part of their faces covered. A completely covered face would prevent access rights from working.
Despite the hype surrounding Cyber Security, perhaps our greatest vulnerability still sits with the people using our IT systems. Akin to other Security protections, the adversary only needs to find one weakness to exploit and gain access to our systems.
The Stuxnet incident highlights the nature of human curiosity. One methodology for the delivery of the Stuxnet program was leaving USB sticks around the facility. It was only a matter of time before someone picked one up, and what do you do when you find a USB stick?
Many everyday attacks occur via email phishing; one only need click on a link and those with malicious intent have gained access to your network.
Cyber Security is a complex area and this short article cannot do it justice; however, the key take away in this area would be to engage with your employees, ensure they understand the threats and weaknesses. Consider the following measures:
- Assume that adversaries are already accessing or trying to access your system.
- Create sound incident and response procedures and formulate your recovery plan.
- Don’t reboot the system to remove the problem but conduct an investigation and try and find the source of the threat – this may be the only way we can truly learn and counter the vulnerabilities we have.
- Remember this is a continual struggle, patch and update your systems and communications devices frequently.
Security will remain a key concern throughout the lifecycle of nuclear material. Associated Security costs will continue to remain a major consideration during this period. As technology changes, so will the threats. If we cannot prevent these changes then at least we should consider how technology can enhance our own protective measures and rather than await innovation strive to be at the forefront of technological innovation. Countering the threat before it creates the problem.
Paul currently operates a consultancy that provides expertise that supports an International Consortium with a particular focus on Nuclear Security Culture. He also has a full time role within the Security Industry.
Share this article
Help us grow and achieve your potential at a values-driven business.